hats-finance / Palmera-0x5fee7541ddcd51ba9f4af606f87b2c42eea655be

Palmera hierarchical module

Org registration can be front-run each time, which may be weaponized to DoS victims using the Palmera module #12

Open hats-bug-reporter[bot] opened 1 week ago

hats-bug-reporter[bot] commented 1 week ago

Github username: --
Twitter username: --
Submission hash (on-chain): 0xc46d278eea07d5ad637bc97a456f2e840045d88cf91697cfde72bd2cad87b5df
Severity: medium

Description: If an organization wants to benefit from the Palmera Safe module and utilities, its Safe has to call PalmeraModule::registerOrg with orgName. The problem here is that if a name which already exists is provided, the transaction will revert inside _createOrgOrRoot:

    /// @notice Refactoring method for Create Org or RootSafe
    /// @dev Method Private for Create Org or RootSafe
    /// @param name String Name of the Organisation
    /// @param caller Safe Caller to Create Org or RootSafe
    /// @param newRootSafe Safe Address to Create Org or RootSafe
    function _createOrgOrRoot(
        string memory name,
        address caller,
        address newRootSafe
    ) private returns (uint256 safeId) {
        if (bytes(name).length == 0) {
            revert Errors.EmptyName();
        }
        bytes32 org = caller == newRootSafe
            ? bytes32(keccak256(abi.encodePacked(name)))
            : getOrgHashBySafe(caller);
        if (isOrgRegistered(org) && caller == newRootSafe) {
            revert Errors.OrgAlreadyRegistered(org);
        }
        if (isSafeRegistered(newRootSafe)) {
            revert Errors.SafeAlreadyRegistered(newRootSafe);
        }

This could be weaponized by malicious actors and prevent famous organizations from using the Palmera module.

Attack Scenario

Attachments

  1. Proof of Concept (PoC) File: Will provide if needed

  2. Revised Code File (Optional): Will provide in comments.
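The root cause the report points at is that the org id is derived from the name alone, so the name space is global and first-come-first-served. The following minimal contract, added here as an illustration and not Palmera code (contract and function names are assumptions), shows that derivation beside a caller-scoped one in which a third party registering the same name cannot occupy the id a legitimate Safe would get:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical registry used only to illustrate the two id derivations.
/// Not Palmera's contract; names and layout are assumptions for this example.
contract OrgRegistryExample {
    mapping(bytes32 => bool) public registered;

    error OrgAlreadyRegistered(bytes32 org);

    /// Global namespace: the id depends on the name only, so whichever
    /// account registers "Acme" first owns that id and every later caller
    /// using the same name reverts.
    function globalOrgId(string memory name) public pure returns (bytes32) {
        return keccak256(abi.encodePacked(name));
    }

    /// Caller-scoped namespace: the id also binds the registering Safe.
    /// The address is fixed-width and placed last, so the packed encoding
    /// is unambiguous; another account registering the same name gets a
    /// different id and cannot block this Safe's registration.
    function scopedOrgId(string memory name, address safe) public pure returns (bytes32) {
        return keccak256(abi.encodePacked(name, safe));
    }

    /// Mirrors the reported behaviour: a pre-registered name reverts for everyone.
    function registerGlobal(string memory name) external returns (bytes32 org) {
        org = globalOrgId(name);
        if (registered[org]) revert OrgAlreadyRegistered(org);
        registered[org] = true;
    }

    /// Hardened variant: only the same Safe re-registering the same name reverts.
    function registerScoped(string memory name) external returns (bytes32 org) {
        org = scopedOrgId(name, msg.sender);
        if (registered[org]) revert OrgAlreadyRegistered(org);
        registered[org] = true;
    }
}
```

Scoping by caller removes the blocking vector at the cost of global name uniqueness, so anything that resolves an org by display name alone would need to key on the full id instead.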

0xRizwan commented 1 week ago

duplicate of #3